Very slow browsing on L2TP broadband VPN server

The scenario:

One perfectly functional L2TP broadband Win2003 VPN server with all patches/fixes/updates applied (static public IP). This server is primarily an AutoCAD file server for remote engineers.

There are (so far) three XP clients that have no problems connecting. All clients are accessing the files through 2 mapped drives. Two of the clients take a painfully long time to browse the file server while one can browse as if it were attached to the local LAN (instantaneous). The only difference between them is that the two slow clients have AutoCAD installed, the one client does not. The browsing is equallty slow whether done through AutoCAD or Win Explorer, with & without AutoCAD running.

I have used several LAN monitoring tools on the clients and there are no obvious network issues. Disabling antivirus & firewall and other backgroung programs have no effect. Bypassing the client side routers & port forwarding also have no effect. I am assuming that since the two slow clients have AutoCAD installed, there must be an icon caching issue slowing the browse process, but I have not been able to pinpoint it, nor have I figured out how to stop the caching for the mapped drives.

I've researched the WEB on this issue for a couple of months before coming here and am convinced there is something simple I am overlooking.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob WilliamsCommented:
Any chance it is a physical connection problem. Have you tried comparing the results of a ping from the different locations? A VPN should give you a response time of less than 125ms to function properly. For reasonable performance I like to see 50ms or less.
Just a thought.
TechDaddyTAuthor Commented:
No, there are no physical connection problems that I've found. Ping tests were performed at two locations for both (slow) clients with excellent response times. In fact, I had one of the slow clients connecting from the same location as the fast one and it is still slow. Both of them are notebooks that log in from multiple locations & login is always instantaneous for both of them.

The only problem here is browsing. Once they can "see" the file(s) they want, the transfer is very quick. Once they return to browsing, it can take up to 30 seconds or longer for each screen scroll. The problem is definitely in the client system somewhere.
Rob WilliamsCommented:
Sorry I have no further suggestions but I will be "lurking". It is very interesting problem. I have seen similar issues before but all relate to database configurations, or virus scanning of remote files, but you have addressed that. Curious to see other suggestions. Good luck.

Only other thought would be delays due to name resolution. If you browse using \\IPAddress\ShareName do you get a better response time than \\Computername\ShareName
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

TechDaddyTAuthor Commented:
Thanks for the thoughts, all are appreciated... and yes, it's an interesting problem. None of the net captures showed any name resolution or DNS anomolies. I currently use the \\IPAddress\ShareName method as I have the server behind a router, which takes the public IP, then forwards the port traffic to the server.

I'll mention this one thing for anyone who may the think the one fast client is a fluke. I've already set up three other "clean" test systems as VPN clients (no AutoCAD) and they all browse beautifully. I'm beginning to think this question may not be in the correct forum.
Here's a tip I've picked up somewhere along the way:

Speed up your browsing of Windows 2000 & XP machines AND Speed up viewing shared files across a network

Here's a great tip to speed up your browsing of Windows 2000 & XP machines.
Its actually a fix to a bug installed as default in Windows 2000 that scans shared files for Scheduled Tasks.
And it turns out that you can experience a delay as long as 30 seconds when you try to view shared files across a network because
Windows 2000 is using the extra time to search the remote computer for any Scheduled Tasks.
Note that though the fix is originally intended for only those affected, Windows 2000 users will experience
that the actual browsing speed of both the Internet & Windows Explorers improve significantly after applying it
since it doesn't search for Scheduled Tasks anymore.
Here's how :

Open up the Registry and go to :


Under that branch, select the key :{D6277990-4C6A-11CF-8D87-00AA0060F5BF} and delete it.

This is key that instructs Windows to search for Scheduled Tasks.
If you like you may want to export the exact branch so that you can restore the key if necessary.


Windows XP automatically searches the network for shares and printers upon connecting to the network. This is probably useful in a SOHO or home network but not the enterprise. To disable XP automatic discovery:
In Explorer, click Tools
Click Folder Options
Click the View tab,
Uncheck Automatically Search for Network Folders and Printers in Advanced settings list.
It is important to disable this setting in Windows XP because it is the basis of a seriouse security flaw in XP. When you click My Network Places, your logon password may be transmitted automatically to numerous unspecified computers on the LAN. Windows XP tries to acquire the shared resources list of all computers on the LAN. At that time, the users local logon password is used when the password for the shared resource is not known. Your PC transmits the LMhash version of you password.

If there are NT4.0 or any other pre-Windows 2000 PCs on the LAN, XP will transmit your password to the pre-Windows 2000 PCs during its share and print search. It transmits the LM hash which is significantly weaker than XP or Windows 2000 hashes. In order to protect the LM hash, XP has a registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash which if set to 1 will prevent XP or Windows 2000 from generating the LM hash. pwdump will not be able to acquire the LM hash, which is a good thing.

Network troubleshooting
Hidden in Windows XP's System Information utility is a very good tool for getting a lot more information about what's going on. Go to Start | All Programs | Accessories | System Tools | System Information. Then choose Net Diagnostics from the Tools menu. The program will ping your DNS servers, gateways, SMTP and POP3 mail servers, and proxies; test your modem and network adapters; and supply very detailed reports about your settings, as well as which tests passed and which failed.
Rob WilliamsCommented:
I did a little digging and came up with the following suggestions from various AutoCAD forums. It seems the slow browsing issue is common, however usually only within AutoCAD. Therefore, they may not be any help but thought I would post for interest sake:

-Having AutoCAD's search for digital signatures enabled can slow down browsing in folders with a number of drawings in the same folder.
-In the network adapter's TCP/IP properties under the WINS tab, enable NetBIOS over TCP/IP
-Change the folder view from large icons to list or details. Generating the icons slows browsing
-In the services management console change the "Windows Image Acquisition (WIA) service" from automatic to manual and stop the service.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TechDaddyTAuthor Commented:
Irmoore: I appreciate you taking the time, but having done this (VPN) many times before, I've already tried disabling these items to no avail. And I've also gone far beyond the Windows built-in network diagnostics on both the client & server sides, reading through dozens of log files and captures which appear to show no problems.

RobWill: I've also tried all these items except one... I think you're on to something with the digital signatures. This is something I was unaware of and have sent this to the engineers to try. I'll let you know.
TechDaddyTAuthor Commented:
Rob, your "lurking paid off... it was indeed the AutoCAD digital signatures feature that was slowing the browsing. The engineers report that browsing the server is now nearly the same as browsing locally. Thanks for putting this fire out... points well earned.
Rob WilliamsCommented:
Glad to hear you were able to resolve. That is one I'll have to make note of. I use numerous VPN's and I have a few AutoCAD users, but haven't run into that. Bet it will come up some day.
Thanks for the update and points.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.